package com.hwd.gmall.oauth.config;

import com.hwd.gmall.oauth.util.UserJwt;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.authority.AuthorityUtils;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.oauth2.provider.token.DefaultUserAuthenticationConverter;
import org.springframework.stereotype.Component;

import javax.annotation.Resource;
import java.util.LinkedHashMap;
import java.util.Map;

/**
 * 自定义用户身份验证转换器
 *
 * @author 黄伟东/Victor
 * @date 2022/5/4 17:07
 */
@Component
public class CustomUserAuthenticationConverter extends DefaultUserAuthenticationConverter {

    @Resource
    private UserDetailsService userDetailsService;

    /**
     * 决定生成的jwt令牌中存储什么数据（载荷的东西）
     *
     * @param authentication 权限验证对象
     * @return java.util.Map<java.lang.String, ?>
     */
    @Override
    public Map<String, ?> convertUserAuthentication(Authentication authentication) {

        LinkedHashMap<String, Object> response = new LinkedHashMap<>();

        String name = authentication.getName();
        response.put("username", name);

        Object principal = authentication.getPrincipal();

        UserJwt userJwt;

        if (principal instanceof UserJwt) {
            userJwt = (UserJwt) principal;
        } else {
            // refresh_token默认不去调用userDetailService获取用户信息，这里我们手动去调用，得到 UserJwt
            UserDetails userDetails = userDetailsService.loadUserByUsername(name);
            userJwt = (UserJwt) userDetails;
        }

        response.put("name", userJwt.getName());
        response.put("id", userJwt.getId());

        if (authentication.getAuthorities() != null && !authentication.getAuthorities().isEmpty()) {
            response.put("authorities", AuthorityUtils.authorityListToSet(authentication.getAuthorities()));
        }
        return response;
    }

}
